server {
    listen 80;
    listen [::]:80;
    listen 443 ssl;
    listen [::]:443 ssl;
    
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/ssl/dhparams.pem;
    
    server_name example.com;
    
    location /.well-known/matrix/client {
        return 200 '{
            "m.homeserver": {"base_url": "https://matrix.example.com"},
            "org.matrix.msc3575.proxy": {"url": "https://matrix.example.com"},
            "org.matrix.msc4143.rtc_foci":[
            	{"type": "livekit",
            	"livekit_service_url": "https://livekit.example.com"}
            ]
        }';
        default_type application/json;
        add_header 'Access-Control-Allow-Origin' '*';
    }
    
    location /.well-known/matrix/server {
        return 200 '{"m.server": "matrix.example.com"}';
        default_type application/json;
    }

    location /.well-known/matrix/support {
        return 200 '{ "contacts":
            [
                { "email_address": "admin@example.com",
                "matrix_id": "@admin:example.com",
                "role": "m.role.admin" },
                { "email_address": "security@example.com",
                "matrix_id": "@john:example.com",
                "role": "m.role.security" }
            ],
                "support_page": "https://www.example.com/matrix-support"
        }';
        default_type application/json;
    }

    
    location /.well-known/element/element.json {
        return 200 '{"call": {"widget_url": "https://call.example.com"}}';
        default_type application/json;
    }
    
    location / {
        if ($scheme = http) {
            return 301 https://$host$request_uri;
        }
    }
    
    access_log /var/log/nginx/example-access.log;
    error_log /var/log/nginx/example-error.log;
}